[jboss-cvs] JBossAS SVN: r81390 - trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Fri Nov 21 00:45:44 EST 2008 

Author: anil.saldhana at jboss.com
Date: 2008-11-21 00:45:44 -0500 (Fri, 21 Nov 2008)
New Revision: 81390

Modified:
   trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/TomcatDeployment.java
Log:
JBAS-6226: SecurityContextEstablishmentValve is injected only in the presence of security constraints

Modified: trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/TomcatDeployment.java
===================================================================
--- trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/TomcatDeployment.java	2008-11-21 05:13:29 UTC (rev 81389)
+++ trunk/tomcat/src/main/org/jboss/web/tomcat/service/deployers/TomcatDeployment.java	2008-11-21 05:45:44 UTC (rev 81390)
@@ -54,6 +54,7 @@
 import org.jboss.deployers.vfs.spi.structure.VFSDeploymentUnit;
 import org.jboss.logging.Logger;
 import org.jboss.metadata.web.jboss.JBossWebMetaData;
+import org.jboss.metadata.web.spec.SecurityConstraintMetaData;
 import org.jboss.mx.util.MBeanServerLocator;
 import org.jboss.naming.NonSerializableFactory;
 import org.jboss.security.SecurityUtil;
@@ -337,13 +338,19 @@
       if (metaDataSecurityDomain != null)
          metaDataSecurityDomain = metaDataSecurityDomain.trim();
       
-      // Add a valve to establish security context
-      SecurityContextEstablishmentValve scevalve = new SecurityContextEstablishmentValve(metaDataSecurityDomain,
-            SecurityUtil.unprefixSecurityDomain(config.getDefaultSecurityDomain()), 
-            SecurityActions.loadClass(config.getSecurityContextClassName()), getSecurityManagement());
-      context.addValve(scevalve);
+     List<SecurityConstraintMetaData> constraints = metaData.getSecurityContraints();
+     
+     //JBAS-6226: SecurityContextEstablishmentValve kicks in only with security metadata
+     if(constraints != null &&  constraints.size() > 0)
+     {   
+        // Add a valve to establish security context
+        SecurityContextEstablishmentValve scevalve = new SecurityContextEstablishmentValve(metaDataSecurityDomain,
+              SecurityUtil.unprefixSecurityDomain(config.getDefaultSecurityDomain()), 
+              SecurityActions.loadClass(config.getSecurityContextClassName()), getSecurityManagement());
+        context.addValve(scevalve); 
+     }
 
-      // Add a valve to estalish the JACC context before authorization valves
+      // Add a valve to establish the JACC context before authorization valves
       Certificate[] certs = null;
       CodeSource cs = new CodeSource(url, certs);
       JaccContextValve jaccValve = new JaccContextValve(metaData, cs);

More information about the jboss-cvs-commits mailing list